<?php

session_start();

// Connect to the database
require_once ("../../../db.php");
// Only allow this for employee users
if (!isset($_SESSION['uid']) || ($_SESSION['type'] != 'employee'))
    die('Not logged in as an employee user');

// updates the status of a project
$sql = 'UPDATE projects SET status=? WHERE id=?';
$sth = $db->prepare($sql);
$sth->execute (array ($_POST['status'], $_POST['pid']));

$sql = 'SELECT e.email, p.title FROM externalusers e, projects p
WHERE p.id ='.$_POST['pid'].' AND e.id = p.owner';
$sth = $db->prepare($sql);
$sth->execute();
$row = $sth->fetchAll();
if ($row) {
    echo json_encode($row);
}
else
    echo json_encode(array('error' => 'status not saved'));